CVE-2008-2927
CVE-2008-2927
Multiple integer overflows in the msn_slplink_process_msg functions in the MSN protocol handler in (1) libpurple/protocols/msn/slplink.c and (2) libpurple/protocols/msnp9/slplink.c in Pidgin before 2.4.3 and Adium before 1.3 allow remote attackers to execute arbitrary code via a malformed SLP message with a crafted offset value, a different vulnerability than CVE-2008-2955.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msnp9/slplink.chttp://developer.pidgin.im/viewmtn/revision/diff/6eb1949a96fa80a4c744fc749c2562abc4cc9ed6/with/c3831c9181f4f61b747321240086ee79e4a08fd8/libpurple/protocols/msn/slplink.chttps://bugzilla.redhat.com/show_bug.cgi?id=453764http://secunia.com/advisories/30971http://secunia.com/advisories/31016http://secunia.com/advisories/31105http://secunia.com/advisories/31387http://secunia.com/advisories/31642http://secunia.com/advisories/32859http://secunia.com/advisories/32861https://exchange.xforce.ibmcloud.com/vulnerabilities/44774https://issues.rpath.com/browse/RPL-2647